CSP
E542503
CSP is a web security standard that helps prevent attacks like cross-site scripting (XSS) by controlling which resources a browser is allowed to load for a given page.
All labels observed (1)
| Label | Occurrences |
|---|---|
| CSP canonical | 1 |
How this entity was disambiguated
This entity first appeared as the object of triple T5688656 — resolving that mention is where its identity was fixed. The disambiguator weighed these candidate entities and picked the highlighted one (or “None”, minting a new entity). This is how homonymy is resolved: the same surface form can point to different entities.
Target entity: CSP Context triple: [Content Security Policy, abbreviation, CSP]
-
A.
CSP
CSP is the commonly used abbreviation for the Conference of the States Parties, the main decision-making body overseeing implementation of the Chemical Weapons Convention.
-
B.
CSP (Communicating Sequential Processes)
CSP (Communicating Sequential Processes) is a formal model for describing and analyzing concurrent systems based on independent processes that interact solely through message-passing communication.
-
C.
CPS
CPS is the principal public agency in England and Wales responsible for prosecuting criminal cases investigated by the police.
-
D.
CPS
CPS is the commonly used abbreviation for Chicago Public Schools, the third-largest school district in the United States.
-
E.
SCAP
SCAP was the title held by General Douglas MacArthur as the top Allied authority overseeing the occupation and reconstruction of Japan after World War II.
- F. None of above. chosen
- G. Unsure - the case is ambiguous/there is not enough information to decide.
Target entity: CSP Target entity description: CSP is a web security standard that helps prevent attacks like cross-site scripting (XSS) by controlling which resources a browser is allowed to load for a given page.
-
A.
CSP
CSP is the commonly used abbreviation for the Conference of the States Parties, the main decision-making body overseeing implementation of the Chemical Weapons Convention.
-
B.
CSP (Communicating Sequential Processes)
CSP (Communicating Sequential Processes) is a formal model for describing and analyzing concurrent systems based on independent processes that interact solely through message-passing communication.
-
C.
CPS
CPS is the principal public agency in England and Wales responsible for prosecuting criminal cases investigated by the police.
-
D.
CPS
CPS is the commonly used abbreviation for Chicago Public Schools, the third-largest school district in the United States.
-
E.
SCAP
SCAP was the title held by General Douglas MacArthur as the top Allied authority overseeing the occupation and reconstruction of Japan after World War II.
- F. None of above. chosen
Statements (71)
| Predicate | Object |
|---|---|
| instanceOf |
browser security mechanism
ⓘ
web security standard ⓘ |
| abbreviation | CSP ⓘ |
| commonHeaderName |
Content-Security-Policy
NERFINISHED
ⓘ
Content-Security-Policy-Report-Only ⓘ |
| configuredBy | web application developers ⓘ |
| controls |
WebSocket connection endpoints
ⓘ
connection endpoints for XHR and fetch ⓘ execution of inline scripts ⓘ from which origins resources may be loaded ⓘ loading of external scripts ⓘ loading of fonts ⓘ loading of frames and iframes ⓘ loading of images ⓘ loading of media resources ⓘ loading of stylesheets ⓘ use of base URIs ⓘ use of eval-like JavaScript constructs ⓘ use of form actions ⓘ use of inline event handlers ⓘ use of plugins and object resources ⓘ use of workers ⓘ which resources a browser is allowed to load ⓘ |
| definedBy | World Wide Web Consortium NERFINISHED ⓘ |
| deliveredAs |
HTML meta element
ⓘ
HTTP response header ⓘ |
| encourages |
avoidance of inline JavaScript
ⓘ
use of nonces or hashes for scripts ⓘ |
| enforcedBy | web browsers ⓘ |
| hasVersion |
Content Security Policy Level 1
NERFINISHED
ⓘ
Content Security Policy Level 2 NERFINISHED ⓘ Content Security Policy Level 3 NERFINISHED ⓘ |
| introducedIn | Content Security Policy Level 1 NERFINISHED ⓘ |
| mitigates |
clickjacking when combined with frame-ancestors directive
ⓘ
cross-site scripting (XSS) ⓘ data injection vulnerabilities ⓘ |
| partOf | web platform security model ⓘ |
| primaryGoal |
mitigate cross-site scripting attacks
ⓘ
mitigate data injection attacks ⓘ reduce content exfiltration risk ⓘ |
| relatedTo |
HTTP security headers
ⓘ
Referrer-Policy ⓘ Strict-Transport-Security ⓘ X-Frame-Options ⓘ |
| requires | whitelisting of trusted content sources ⓘ |
| specifiedIn | W3C Recommendation NERFINISHED ⓘ |
| supportedBy |
major desktop browsers
ⓘ
major mobile browsers ⓘ |
| supports |
script hashes
ⓘ
script nonces ⓘ style hashes ⓘ style nonces ⓘ |
| supportsMode |
enforce mode
ⓘ
report-only mode ⓘ |
| usedIn | modern web applications ⓘ |
| usesDirective |
base-uri
ⓘ
block-all-mixed-content ⓘ child-src ⓘ connect-src ⓘ default-src ⓘ font-src ⓘ form-action ⓘ frame-ancestors ⓘ frame-src ⓘ img-src ⓘ object-src ⓘ report-to ⓘ report-uri ⓘ script-src ⓘ style-src ⓘ upgrade-insecure-requests ⓘ |
How these facts were elicited
The pipeline generated the facts above by prompting gpt-5.1 with this entity's name + description and the instruction below.
You are a knowledge base construction expert. Given a subject entity and a description of it, return factual statements that you know for the subject as a JSON list of dictionaries(triples), where keys must be "subject", "predicate" and "object". The number of facts may be very high, between 25 to 50 or more, for very popular subjects. For less popular subjects, the number of facts can be very low, like 5 or 10. # Requirements - If you don't know the subject at all, return an empty list. - If the subject is not a named entity, return an empty list. - Include at least one triple where predicate is "instanceOf". - Do not get too wordy. - Separate several objects into multiple triples with one object.
Subject: CSP Description of subject: CSP is a web security standard that helps prevent attacks like cross-site scripting (XSS) by controlling which resources a browser is allowed to load for a given page.
Referenced by (1)
Full triples — surface form annotated when it differs from this entity's canonical label.